On 28 Aug 0:58, Guillaume Morin wrote:
> > I am not sure about the above analysis. It is true that
> > hugetlb_cgroup_uncharge_page_rsvd is called unconditionally in
> > free_huge_page. However, IIUC hugetlb_cgroup_uncharge_page_rsvd will
> > only decrement the css refcount if there is a non-NULL hugetlb_cgroup
> > pointer in the page. And, the pointer in the page would only be set
> > in the 'deferred_reserve' path of alloc_huge_page. Unless I am
> > missing something, they seem to balance.
>
> Now that you explain, I am pretty sure that you're right and I was
> wrong.
>
> I'll confirm that I can't reproduce without my change for 2.
Confirmed. With the patch for the first issue, the issue is indeed
fixed. I must have messed up something during my testing...
Anyway, this is the change for 1:
diff --git a/mm/hugetlb.c b/mm/hugetlb.c
index 8ea35ba6699f..00ad4af0399b 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -4033,8 +4033,11 @@ static void hugetlb_vm_op_open(struct vm_area_struct *vma)
* after this open call completes. It is therefore safe to take a
* new reference here without additional locking.
*/
- if (resv && is_vma_resv_set(vma, HPAGE_RESV_OWNER))
+ if (resv && is_vma_resv_set(vma, HPAGE_RESV_OWNER)) {
+ if (resv->css)
+ css_get(resv->css);
kref_get(&resv->refs);
+ }
}
static void hugetlb_vm_op_close(struct vm_area_struct *vma)
--
Guillaume Morin <guillaume@xxxxxxxxxxx>
